<?php require_once('Connections/db_conn.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_db_conn, $db_conn);
$query_User = "SELECT UserID FROM `user` ORDER BY UserID ASC";
$User = mysql_query($query_User, $db_conn) or die(mysql_error());
$row_User = mysql_fetch_assoc($User);
$totalRows_User = mysql_num_rows($User);
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    
<?php 
$layout = explode('&&&', file_get_contents('layout.html'));
echo $layout[0];

session_start();
if (!(isset($_SESSION['username'])))
	header("location:login.php");
else if (!(isset($_SESSION['level'])) || $_SESSION['level']==0)
	header("location:AccessDenied.php");
?>

<html>
<body>

<!-- Begin Main Column -->

<div id="mainContent">
	
	<h2>Delete a User</h2>
    
        <form id="form1" method="post" action="">
      <table width="200" border="0">
        <tr>
          <td>Select User:</td>
          <td><label>
            <select name="user" id="user">
              <?php
do {  
?><option value="<?php echo $row_User['UserID']?>"><?php echo $row_User['UserID']?></option>
              <?php
} while ($row_User = mysql_fetch_assoc($User));
  $rows = mysql_num_rows($User);
  if($rows > 0) {
      mysql_data_seek($User, 0);
	  $row_User = mysql_fetch_assoc($User);
  }
?>
                        </select>
          </label></td>
        </tr>
      </table>
      <p>
        <label>
        <input type="submit" name="submit" id="submit" value="Submit" class="button"/>
        </label>
      </p>
  </form>
  
     <?php
   		if($_POST) {
			ob_start();
			$host="localhost"; // Host name
			$username="root"; // Mysql username
			$password=""; // Mysql password
			$db_name="rtl"; // Database name
			$tbl_name="user"; // Table name
			
			// Connect to server and select databse.
			mysql_connect("$host", "$username", "$password")or die("cannot connect");
			mysql_select_db("$db_name")or die("cannot select DB");
			
			$user=$_POST['user'];
			mysql_query("DELETE FROM $tbl_name WHERE UserID='$user'");
			
			echo "<META HTTP-EQUIV='refresh' content='0;URL=DeleteUser.php'>";
			
			ob_end_flush();
   		}
   ?>
  
</div>

<!-- Begin Side Column -->
<!-- Begin Footer -->
<?php
echo $layout[1];
?>

</body>
</html>
<?php
mysql_free_result($User);
?>

